Subscribers to a cable Internet access service who run Windows 95 on their computers may be inadvertently exposing their hard disks to other customers.
Today, Microsoft (MSFT) confirmed that Windows 95 users who subscribe to the MediaOne express cable modem service may be compromising the privacy of their data if they have activated the file- or print-sharing feature on their PCs. Company representatives said they plan to post a security bulletin on the Microsoft Web site later today.
A MediaOne spokesman implied that other broadband networks could be affected.
"To my knowledge, this is more of a problem revolving around the open architecture of this network. This is not unique to MediaOne express," MediaOne's Rob Stoddard said. "It is in fact an issue that we have been familiar with for some time. We have been talking to our customers about the issue since last year."
According to Stacey Breyfogle, a product manager at Microsoft, most users will not be affected because Windows 95 ships with file and print sharing turned off. The file and print features let users on a local area network share data and printers with each other.
Unlike most dial-up Internet service providers, MediaOne does not use a proxy server, which prevents users from being directly connected to the Internet, Breyfogle said. Users of Microsoft's Windows NT operating system are not affected by the problem because the OS does not allow "guest" users to log onto a computer's hard disk, she said.
News of the security risk was first reported by the Ziff-Davis News Network. Stoddard said that MediaOne express currently has more than 3,500 subscribers. He could not estimate how many users were affected by the Windows 95 security problem.
MediaOne is the broadband services division of U.S. West Media Group.
In related security news, Microsoft last week posted software fixes for Windows 95 that protect passwords from being snatched off users' computers by hackers.